Consulting Division – ľĹÉ« ľĹÉ« Every Interaction Count Wed, 01 Feb 2023 14:24:43 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.2 /wp-content/uploads/2022/11/cropped-ľĹÉ«-logo_color-icon-32x32.png Consulting Division – ľĹÉ« 32 32 The 5 Ws of HR Technology Security /the-5-ws-of-hr-technology-security Wed, 30 Mar 2022 19:24:41 +0000 https://bentechre.com/?p=2802 + Read More]]> Has your organization authored a security plan for your HR Technology? If not, the time is now.

With more and more scams plaguing the digital world these days, it’s imperative for business leaders to know what steps to take in an HR technology emergency. Start the process of authoring an HR technology catastrophe preparedness plan by considering The 5 Ws.

WHO – Identifying WHO needs to be involved during a technology emergency is step one. Keep an updated list of contacts for internal and external support personnel. Consider your vendor support teams in this list as well.

WHAT – Know WHAT the objectives are for your plan. Obviously, you want to protect the sensitive data within your organization (employee PHI, banking info, etc.). Consider any other information you want to protect, like access to web content or proprietary processes.

WHERE – Define WHERE your sensitivities lie and the ways to access each one. Target the areas within your HR technology for specific steps in the event of a technology catastrophe to support the ability to act quickly.

WHEN – Track WHEN your systems are backed up and updated. Notice any variance in the schedule and reach out to vendor support teams with any inquiries and resolution.

WHY – Communicate WHY the security plan is important to your internal team. Educate your team on the importance of the plan and help them familiarize with each step that applies to each department.

Once the 5 Ws are defined and identified, the remainder of the plan will be easier to author. A simple process for authoring such a plan is to adhere to these five principles:

  1. Protect – a solid security plan should be both proactive and reactive, considering all potential “points of entry” for all types of data sets.
  2. Respond – your security plan should detail not only the steps that will need to be taken, but also include additional information such as weblinks and login credentials for timely and efficient responses.
  3. Recover – planning out the recovery process is important. Consider contingency plans and opportunities with careful precision.
  4. Test – this is the most crucial part of any plan. Business leaders will have more confidence and find more success in a well-tested plan.
  5. Repeat – schedule times to run through your security plan several times per year or even per month. Repetition will help your team identify opportunities for efficiencies as well as any missed needs for additional security.

Refer to our recent blog for additional information about the types of security attacks we are seeing in the industry.

If your organization would like to consult with BTR about technology security, please email your inquiry to BTRProjects@bentechre.com.

 

About the Author

Hayes Stevens supports BTR brokers and their clients with their HR technology initiatives and serves as the team lead for BTR’s consulting division. With over 10 years in the HR Technology industry, he provides unparalleled expertise to clients through a strategic, long-term success framework and approach.

]]>
Tech Catastrophe Prep Steps for Employers /tech-catastrophe-prep-steps-for-employers Wed, 02 Feb 2022 15:14:07 +0000 https://bentechre.com/?p=2760 + Read More]]> February 2, 2022

What would you do if you lost access to your HR Technology right now without warning?

In today’s cloud-based society, technology is a vital tool for organizations worldwide. Without it, HR teams wouldn’t accomplish anything successfully and efficiently. One element of our technology that is often overlooked is probably the most vital – security.

Security should always be top of mind for employers when it comes to their technology. Organizations should craft a backup plan for when – not if! – technology failure or threat scenarios occur. This is why a contingency plan is key – instances of employee negligence, vendor error, cyberattacks, or ransomware can bring any operation to a grinding halt.

Catastrophe preparedness is not one-size-fits-all. Organizations should develop sustainable and effective protocols outside of their technology to reduce impacts to the organization and its people.

BTR sees common recurring factors within the market when it comes to the loss of access to data. Employers looking to maintain overall technology security for their organization should consider this checklist regarding their HR Technology systems.

  • System Maintenance Deferrals – Delaying systems updates puts data at risk and could be costly. A good technology vendor will apply a consistent schedule for replacing outdated technology and should not be utilizing products or services that are being sunset or discontinued.
  • Backups Management – Drafting protocols for backing-up data on a “cloud,” rather than on the actual premises, is becoming industry standard. It’s considered a best practice to schedule data pushes for backup maintenance, rather than always processing manual backups, keeping a close watch to make sure timely backups don’t error out and cause any data exposures.
  • Ransomware Events – Organizations should have a coordinated plan in place in the event of a long-term impact to technology access. Ransomware events typically result in a total loss of production and can cause an expansive liability of exposed data if not handled cautiously.
  • Vendor Error – Technology vendors make errors from time to time, but a lengthy timeline for resolution or spotty communications about issues can be a big red flag in some instances. Vendor errors can also cause a total production loss (which could translate to a direct impact to benefits). Employers will want to be sure to plan for short- and long-term scenarios to maintain coverage.

Technology and security needs are evolving at a rapid pace. Focusing on the security of employees’ data and personal information should be a priority to employers of all industries and sizes.

If your organization would like to consult with BTR about technology security, please email your inquiry to BTRProjects@bentechre.com.

 

About the Author

Hayes Stevens supports BTR brokers and their clients with their HR technology initiatives and serves as the team lead for BTR’s consulting division. With over 10 years in the HR Technology industry, he provides unparalleled expertise to clients through a strategic, long-term success framework and approach.

]]>